mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-09-21 15:36:22 +08:00
Merge pull request #1323 from okriuchykhin/ok_SCI_2741
Add endpoints for managing inventory list items [SCI-2741]
This commit is contained in:
commit
7bad772e81
|
@ -8,6 +8,7 @@ module Api
|
|||
before_action :load_inventory_column, only: %i(show update destroy)
|
||||
before_action :check_manage_permissions, only: %i(update destroy)
|
||||
before_action :check_create_permissions, only: %i(create)
|
||||
|
||||
def index
|
||||
columns = @inventory.repository_columns
|
||||
.includes(:repository_list_items)
|
||||
|
|
93
app/controllers/api/v1/inventory_list_items_controller.rb
Normal file
93
app/controllers/api/v1/inventory_list_items_controller.rb
Normal file
|
@ -0,0 +1,93 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Api
|
||||
module V1
|
||||
class InventoryListItemsController < BaseController
|
||||
before_action :load_vars
|
||||
before_action :load_inventory_list_item, only: %i(show update destroy)
|
||||
before_action :check_manage_permissions, only: %i(create update destroy)
|
||||
|
||||
def index
|
||||
list_items = @inventory_column.repository_list_items
|
||||
.page(params.dig(:page, :number))
|
||||
.per(params.dig(:page, :size))
|
||||
render jsonapi: list_items, each_serializer: InventoryListItemSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
list_item = @inventory_column.repository_list_items
|
||||
.create!(inventory_list_item_params)
|
||||
render jsonapi: list_item,
|
||||
serializer: InventoryListItemSerializer,
|
||||
status: :created
|
||||
end
|
||||
|
||||
def show
|
||||
render jsonapi: @inventory_list_item,
|
||||
serializer: InventoryListItemSerializer
|
||||
end
|
||||
|
||||
def update
|
||||
@inventory_list_item.attributes = update_inventory_list_item_params
|
||||
if @inventory_list_item.changed? && @inventory_list_item.save!
|
||||
render jsonapi: @inventory_list_item,
|
||||
serializer: InventoryListItemSerializer
|
||||
else
|
||||
render body: nil, status: :no_content
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
@inventory_list_item.destroy!
|
||||
render body: nil
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def load_vars
|
||||
@team = Team.find(params.require(:team_id))
|
||||
unless can_read_team?(@team)
|
||||
return render jsonapi: {}, status: :forbidden
|
||||
end
|
||||
@inventory = @team.repositories.find(params.require(:inventory_id))
|
||||
@inventory_column =
|
||||
@inventory.repository_columns.find(params.require(:column_id))
|
||||
unless @inventory_column.data_type == 'RepositoryListValue'
|
||||
return render body: nil, status: :bad_request
|
||||
end
|
||||
end
|
||||
|
||||
def load_inventory_list_item
|
||||
@inventory_list_item =
|
||||
@inventory_column.repository_list_items.find(params.require(:id))
|
||||
end
|
||||
|
||||
def check_manage_permissions
|
||||
unless can_manage_repository_column?(@inventory_column)
|
||||
render body: nil, status: :forbidden
|
||||
end
|
||||
end
|
||||
|
||||
def inventory_list_item_params
|
||||
unless params.require(:data).require(:type) == 'inventory_list_items'
|
||||
raise ActionController::BadRequest,
|
||||
'Wrong object type within parameters'
|
||||
end
|
||||
params.require(:data).require(:attributes)
|
||||
params.permit(data: { attributes: %i(data) })[:data].merge(
|
||||
created_by: @current_user,
|
||||
last_modified_by: @current_user,
|
||||
repository: @inventory
|
||||
)
|
||||
end
|
||||
|
||||
def update_inventory_list_item_params
|
||||
unless params.require(:data).require(:id).to_i == params[:id].to_i
|
||||
raise ActionController::BadRequest,
|
||||
'Object ID mismatch in URL and request body'
|
||||
end
|
||||
inventory_list_item_params[:attributes]
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -550,7 +550,12 @@ Rails.application.routes.draw do
|
|||
resources :inventory_columns,
|
||||
only: %i(index create show update destroy),
|
||||
path: 'columns',
|
||||
as: :columns
|
||||
as: :columns do
|
||||
resources :inventory_list_items,
|
||||
only: %i(index create show update destroy),
|
||||
path: 'list_items',
|
||||
as: :list_items
|
||||
end
|
||||
resources :inventory_items,
|
||||
only: %i(index create show update destroy),
|
||||
path: 'items',
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
FactoryBot.define do
|
||||
factory :repository_list_item do
|
||||
data ''
|
||||
data { Faker::Name.unique.name }
|
||||
repository { Repository.first || create(:repository) }
|
||||
created_by { User.first || association(:project_user) }
|
||||
last_modified_by { User.first || association(:project_user) }
|
||||
|
|
376
spec/requests/api/v1/inventory_list_items_controller_spec.rb
Normal file
376
spec/requests/api/v1/inventory_list_items_controller_spec.rb
Normal file
|
@ -0,0 +1,376 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Api::V1::InventoryListItemsController', type: :request do
|
||||
before :all do
|
||||
@user = create(:user)
|
||||
@teams = create_list(:team, 2, created_by: @user)
|
||||
create(:user_team, user: @user, team: @teams.first, role: 2)
|
||||
|
||||
@valid_inventory = create(:repository, name: Faker::Name.unique.name,
|
||||
created_by: @user, team: @teams.first)
|
||||
|
||||
@wrong_inventory = create(:repository, name: Faker::Name.unique.name,
|
||||
created_by: @user, team: @teams.second)
|
||||
create(:repository_column, name: Faker::Name.unique.name,
|
||||
repository: @wrong_inventory, data_type: :RepositoryTextValue)
|
||||
|
||||
@text_column = create(:repository_column, name: Faker::Name.unique.name,
|
||||
repository: @valid_inventory, data_type: :RepositoryTextValue)
|
||||
@list_column = create(:repository_column, name: Faker::Name.unique.name,
|
||||
repository: @valid_inventory, data_type: :RepositoryListValue)
|
||||
@wrong_list_column = create(:repository_column,
|
||||
name: Faker::Name.unique.name,
|
||||
repository: @wrong_inventory,
|
||||
data_type: :RepositoryListValue)
|
||||
create_list(:repository_list_item, 10, repository: @valid_inventory,
|
||||
repository_column: @list_column)
|
||||
create(:repository_list_item, repository: @wrong_inventory,
|
||||
repository_column: @wrong_list_column)
|
||||
|
||||
@valid_headers =
|
||||
{ 'Authorization': 'Bearer ' + generate_token(@user.id) }
|
||||
end
|
||||
|
||||
describe 'GET inventory_list_items, #index' do
|
||||
it 'Response with correct inventory list items, default per page' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @teams.first.repositories.first.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body[:data]).to match(
|
||||
ActiveModelSerializers::SerializableResource
|
||||
.new(@list_column.repository_list_items.limit(10),
|
||||
each_serializer: Api::V1::InventoryListItemSerializer)
|
||||
.as_json[:data]
|
||||
)
|
||||
end
|
||||
|
||||
it 'When invalid request, user in not member of the team' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @wrong_inventory.team.id,
|
||||
inventory_id: @wrong_inventory.id,
|
||||
column_id: @wrong_inventory.repository_columns.first.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(403)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, non existing inventory' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: 123,
|
||||
column_id: 999
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, repository from another team' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @wrong_inventory.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, items from text column' do
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @text_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect(response.body).to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET inventory_list_items, #show' do
|
||||
it 'Response with correct inventory list item' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_item_path(
|
||||
id: @list_column.repository_list_items.first.id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @teams.first.repositories.first.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body[:data]).to match(
|
||||
ActiveModelSerializers::SerializableResource
|
||||
.new(@list_column.repository_list_items.first,
|
||||
serializer: Api::V1::InventoryListItemSerializer)
|
||||
.as_json[:data]
|
||||
)
|
||||
end
|
||||
|
||||
it 'When invalid request, non existing list item' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_item_path(
|
||||
id: 999,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @teams.first.repositories.first.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, list item from another column' do
|
||||
hash_body = nil
|
||||
get api_v1_team_inventory_column_list_items_path(
|
||||
id: @wrong_list_column.repository_list_items.first.id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @wrong_inventory.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST inventory_list_item, #create' do
|
||||
before :all do
|
||||
@valid_headers['Content-Type'] = 'application/vnd.api+json'
|
||||
@request_body = {
|
||||
data: {
|
||||
type: 'inventory_list_items',
|
||||
attributes: { data: Faker::Name.unique.name }
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
it 'Response with correct inventory list item' do
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: @request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status 201
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body[:data]).to match(
|
||||
ActiveModelSerializers::SerializableResource
|
||||
.new(RepositoryListItem.last,
|
||||
serializer: Api::V1::InventoryListItemSerializer)
|
||||
.as_json[:data]
|
||||
)
|
||||
end
|
||||
|
||||
it 'When invalid request, user in not member of the team' do
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.second.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: @request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status 403
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, non existing inventory' do
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: 123,
|
||||
column_id: @list_column
|
||||
), params: @request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status 404
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, repository from another team' do
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @wrong_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: @request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, incorrect type' do
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:data][:type] = 'repository_rows'
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, missing type param' do
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:data].delete(:type)
|
||||
hash_body = nil
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, missing attributes values' do
|
||||
hash_body = nil
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:data][:attributes].delete(:data)
|
||||
post api_v1_team_inventory_column_list_items_path(
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
end
|
||||
|
||||
describe 'PUT inventory_list_item, #update' do
|
||||
before :all do
|
||||
@valid_headers['Content-Type'] = 'application/vnd.api+json'
|
||||
@request_body = {
|
||||
data: {
|
||||
id: @list_column.repository_list_items.first.id,
|
||||
type: 'inventory_list_items',
|
||||
attributes: { data: 'Updated' }
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
it 'Response with correct inventory list item' do
|
||||
hash_body = nil
|
||||
put api_v1_team_inventory_column_list_item_path(
|
||||
id: @list_column.repository_list_items.first.id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: @request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status 200
|
||||
expect { hash_body = json }.not_to raise_exception
|
||||
expect(hash_body[:data]).to match(
|
||||
ActiveModelSerializers::SerializableResource
|
||||
.new(@list_column.repository_list_items.first,
|
||||
serializer: Api::V1::InventoryListItemSerializer)
|
||||
.as_json[:data]
|
||||
)
|
||||
expect(@list_column.repository_list_items.first.data).to match('Updated')
|
||||
end
|
||||
|
||||
it 'When invalid request, incorrect type' do
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:data][:type] = 'repository_rows'
|
||||
hash_body = nil
|
||||
put api_v1_team_inventory_column_list_item_path(
|
||||
id: @list_column.repository_list_items.first.id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, missing attributes values' do
|
||||
hash_body = nil
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:data][:attributes].delete(:data)
|
||||
put api_v1_team_inventory_column_list_item_path(
|
||||
id: @list_column.repository_list_items.first.id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(400)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
|
||||
it 'When invalid request, non existing item' do
|
||||
hash_body = nil
|
||||
invalid_request_body = @request_body.deep_dup
|
||||
invalid_request_body[:id] = 999
|
||||
put api_v1_team_inventory_column_list_item_path(
|
||||
id: 999,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column
|
||||
), params: invalid_request_body.to_json, headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect { hash_body = json }.to_not raise_exception
|
||||
expect(hash_body).to match({})
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE inventory_columns, #destroy' do
|
||||
it 'Destroys inventory column' do
|
||||
deleted_id = @list_column.repository_list_items.last.id
|
||||
delete api_v1_team_inventory_column_list_item_path(
|
||||
id: deleted_id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(200)
|
||||
expect(RepositoryListItem.where(id: deleted_id)).to_not exist
|
||||
end
|
||||
|
||||
it 'Invalid request, non existing inventory list item' do
|
||||
delete api_v1_team_inventory_column_list_item_path(
|
||||
id: 1001,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
|
||||
it 'When invalid request, incorrect repository' do
|
||||
deleted_id = @list_column.repository_list_items.last.id
|
||||
delete api_v1_team_inventory_column_list_item_path(
|
||||
id: deleted_id,
|
||||
team_id: @teams.first.id,
|
||||
inventory_id: 9999,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(404)
|
||||
expect(RepositoryListItem.where(id: deleted_id)).to exist
|
||||
end
|
||||
|
||||
it 'When invalid request, repository from another team' do
|
||||
deleted_id = @list_column.repository_list_items.last.id
|
||||
delete api_v1_team_inventory_column_list_item_path(
|
||||
id: deleted_id,
|
||||
team_id: @teams.second.id,
|
||||
inventory_id: @valid_inventory.id,
|
||||
column_id: @list_column.id
|
||||
), headers: @valid_headers
|
||||
expect(response).to have_http_status(403)
|
||||
expect(RepositoryListItem.where(id: deleted_id)).to exist
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue